| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
|
|
|
|
Use cat instead of sort -R to disable random relinking for now, until we
find the culprit. For whoever interested, using cat or sort avoids the
problem but using sort -r makes it 100% reproducible in my tests.
Suggested by deraadt@
|
|
|
|
ok jsg@
|
|
|
|
|
|
ok hackroom
tested by plenty
|
|
ok hackroom
tested by plenty
|
|
Patch by msaitoh@netbsd, who tested both PSE SGMII ports on a Helix 330.
|
|
Intel Elkhart Lake Ethernet now reaches 934 Mbps Tx/Rx in my testing.
Patch by msaitoh@netbsd, thanks!
Tested by myself on Elkhart Lake, dlg@ on arm64, and jca@ on riscv.
ok dlg@ patrick@
|
|
OK mvs@
|
|
|
|
this is the result of a bunch of discussion at h2k23.
ok claudio@ mvs@ bluhm@
|
|
|
|
|
|
OK mvs@
|
|
|
|
|
|
These 'builder' functions, usually used together, can result in corrupt
ASIdentifiers on failure. In general, no caller should ever try to recover
from OpenSSL API failure. There are simply too many traps. We can still
make an effort to leave the objects in unmodified state on failure. This
is tricky because ownership transfer happens. Unfortunately a really
clean version of this seems impossible, maybe a future iteration will
bring improvements...
The nasty bit here is that the caller of X509v3_asid_add_id_or_range()
can't know from the return value whether ownership of min and max was
transferred or not. An inspection of (*choice)->u.range is required.
If a caller frees min and max after sk_ASIdOrRange_push() failed, there
is a double free.
All these complications could have been avoided if the API interface
had simply used uint32_t instead of ASN1_INTEGERs. The entire RFC 3779
API was clearly written without proper review. I don't know if there
ever was an actual consumer before rpki-client. If it existed, nobody
with the requisite skill set looked at it in depth.
ok beck for the general direction
with a lot of input and ok jsing
|
|
|
|
Have -c override -N, like other gzip implementations. Before, our -N
(decompress to stored name) overrode -c (cat to stdout) and crashed
with a pledge violation, because the pledge for -c excludes wpath.
Guilherme Janczak reported the pledge violation in July 2022 and
provided a diff to prevent it, along with a regress test. I rewrote
the diff and expanded the regress.
ok kn@ millert@
|
|
Wo don't have them anywhere else, so we don't need them here.
No text change.
|
|
OK millert@ jmc@
triggered by a question from cheloha@
|
|
For implementing MP safe route lookup, it helps to know which
function parameters are constant. Add some const declarations, so
that the compiler guarantees that sockaddr dst parameter of
rtable_match() does not change.
OK dlg@
|
|
|
|
|
|
to separately add another flag via SET(). Just pass the correct
combo to scsi_xs_get().
ok dlg@
|
|
Suggested by espie@
While here, sprinkle more .Ev.
|
|
ok tb@
|
|
using 'flag <part #>' to make a partition the only bootable partition.
Just turn off the bootable bit in the other partitions.
ok dlg@
|
|
remove unused NULL pointer that was passed to printf %s.
|
|
Rename ifq_set_maxlen() to ifq_init_maxlen(). This function neither
uses WRITE_ONCE() nor a mutex and is called before the ifq mutex
is initialized. The new name expresses that it should be used only
during interface attach when there is no concurrency.
Protect ifq_len(), ifq_empty(), ifiq_len(), and ifiq_empty() with
READ_ONCE(). They can be used without lock as they only read a
single integer.
OK dlg@
|
|
.. INT64_MAX decimal values..
Easier to specify the 64 bits of GPT partition attributes and
0x8000000000000000 (a.k.a. MS_NOAUTOMOUNT, a.k.a. 1 << 63)
becomes accessable.
Prompted by bug report and testing by Philippe Meunier. Thanks!
ok dlg@
|
|
|
|
Tweak from kn@
OK landry@ kn@
|
|
|
|
|
|
Phoenix 2 parts include both Zen4 and Zen4c cores
used by Ryzen Z1, Ryzen 5 7545U, Ryzen 3 7440U with cpuid 19-78-00
|
|
ober_scanf_elements(). This allows us to move down and back up multiple
levels in with nested sequences and sets.
While here, on failure, make sure we free (and unlink if needed) all
elements we created.
OK claudio@, tb@
|
|
Turn [-U username] into [-U user] to match top(1)/pgrep(1)/fstat(1) -U/-u
taking both "root" and "0".
Feedback OK millert
|
|
from markus@
|
|
flakiness.
|
|
OK kn@ jmc@
|
|
Since cheloha@ has implemented timeout processes that do not grab
the kernel lock, start using TIMEOUT_MPSAFE for arptimer().
OK kn@ mvs@
|
|
|
|
This is a straightforward conversion because I'm not going to start a
cleanup here. Explain why this is not using X509_ALGOR_set_md(). See
below.
ok jca
Let me include a beautiful note from RFC 5754 in its entirety:
NOTE: There are two possible encodings for the AlgorithmIdentifier
parameters field associated with these object identifiers. The two
alternatives arise from the loss of the OPTIONAL associated with the
algorithm identifier parameters when the 1988 syntax for
AlgorithmIdentifier was translated into the 1997 syntax. Later, the
OPTIONAL was recovered via a defect report, but by then many people
thought that algorithm parameters were mandatory. Because of this
history, some implementations encode parameters as a NULL element
while others omit them entirely. The correct encoding is to omit the
parameters field; however, when some uses of these algorithms were
defined, it was done using the NULL parameters rather than absent
parameters. For example, PKCS#1 [RFC3447] requires that the padding
used for RSA signatures (EMSA-PKCS1-v1_5) MUST use SHA2
AlgorithmIdentifiers with NULL parameters (to clarify, the
requirement "MUST generate SHA2 AlgorithmIdentifiers with absent
parameters" in the previous paragraph does not apply to this
padding).
|
